To our users and all members of the community following this incident: regarding the recent security settings change and related fund loss reported by customer 9***6, we are hereby formally sharing the following — the findings of our comprehensive internal investigation, our analysis of the incident's cause, and the progress of subsequent handling:
Upon receiving the customer's report, we immediately launched a dedicated investigation, conducting a full review and cross-verification of the entire security settings unbinding request. After reviewing all application materials one by one, we confirmed that the applicant had submitted the following documents, which closely matched the customer's account:
We have verified all of the above information as true and valid. In particular, our technical team determined that the Alipay screen recording could only have been made by the customer, or by someone with access to the customer's Alipay account. Alipay has a very strict real-time risk-control system: when an unfamiliar device or IP address attempts to log in, Alipay requires multiple identity verifications.
This is a key piece of evidence in the case. It shows that the applicant not only had access to the customer's account information, but had also previously obtained the customer's real-name information, Alipay account, transaction records, and device permissions through external channels — and was able to pass Alipay's multiple identity checks.This conclusion is the main basis on which we reconstructed the full picture of the incident. This conclusion is the main basis on which we reconstructed the full picture of the incident.
Our security-settings unbinding review strictly follows a four-part verification model — advance multi-channel notification, automated risk-control pre-screening, multi-level manual review, and a protection period — and we have never approved, and will never approve, any security settings change based on a single piece of evidence alone. In practice, multiple documents must be cross-checked, and applicants are repeatedly asked to provide additional supporting materials during the review.
Gate has always treated information security and customer data protection as core priorities. Contrary to what some have suggested, no internal data leak occurred. As a financial platform with over 13 years of operation, we have a mature system for access management and data-leak prevention.
In addition to holding international security certifications such as ISO/IEC 27001 and PCI DSS, we enforce strict tiered access controls and maintain access logs for all customer data. Whenever a suspicious issue arises, we can trace the logs to check for any leak; our investigation found no record of a data leak in this incident. In addition, during the unbinding review, we required Alipay screen recordings covering a specified period, and the applicant provided them accurately. The platform never held these materials, so it would have been impossible for us to leak them.
We also found that some of the sensitive identity information the applicant provided was never held by the platform and came from external sources.
On the fund recovery that most concerns the customer, we have made it our highest priority since the incident. Specific progress is as follows:
We will continue to follow up throughout. If the customer initiates legal proceedings, we will actively cooperate with the judicial authorities on investigation and evidence collection, and we will inform the customer of any substantive progress as soon as possible.
Based on our findings, we sincerely urge customers to note that the central risk in this incident was the external leak of the customer's real-name information, Alipay account, and device permissions, which a third party obtained and misused. We therefore strongly recommend that customers immediately strengthen the security of their personal information and everyday devices, including but not limited to:
We also deeply regret that the customer did not contact the platform during the three-day email and SMS notification window, which meant the opportunity to intercept the change was missed.
These measures will help prevent similar risks in the future and better protect customers' accounts and assets.
We always handle every user incident according to the principles of responsibility, transparency, and compliance. This notice is based on the established facts and investigation evidence, and is true, accurate, and complete. If you have any questions or need further assistance, you can contact us at any time through our official customer support channel.
Thank you for your understanding and cooperation.
Gate Team
July 9, 2026
Gateway to Crypto
Trade over 4,700 cryptocurrencies safely, quickly, and easily on Gate
Take Action Now
Sign up and claim up to $10,000 in welcome rewards
Invite friends and earn a 40% commission
Stay Connected
Visit Gate's official website
Download the Gate App | Desktop
Follow us on X (Twitter) to get more bonuses
Join our Telegram community to discuss trending topics
Engage with our global community for the latest insights
Transparency & Security
Check our 100% Proof of Reserves
Share Posts


Related Articles